search menu icon-carat-right cmu-wordmark

CERT Coordination Center

NetSupport Manager Gateway transmits identifying information in plaintext

Vulnerability Note VU#465239

Original Release Date: 2010-11-03 | Last Revised: 2010-11-03

Overview

The NetSupport HTTP protocol implementation used for communication between the NetSupport Manager Gateway and NetSupport Manager Controls or NetSupport Manager Clients is not encrypting http headers sent between systems.

Description

The NetSupport HTTP protocol implementation used for communication between the NetSupport Manager Gateway and NetSupport Manager Controls or NetSupport Manager Clients is sending plaintext http headers between systems. The header of some of the NetSupport HTTP packets contain information in plaintext that could be used to identify information about the client machine.

Impact

An attacker could view identification information about the client machine such as the client's ip address, hardware MAC address, user's login name, and password hash.

Solution

Upgrade

According to the vendor's technical document the NetSupport HTTP protocol implementation has been updated so that all header communication is now encrypted in the current shipping version of the NetSupport Manager product (version 11.00.0005).

Additional information is available in the Vendors Affected section of this document.

Vendor Information

465239
 
Affected   Unknown   Unaffected

NetSupport Ltd

Updated:  September 10, 2010

Status

  Affected

Vendor Statement

The vendor has stated the following regarding this vulnerability.


    The NetSupport Manager Gateway now has two additional configuration options available on the Security Tab of the Gateway configuration utility these are detailed below

    Enable encryption of communications to remote computers
    This option is checked by default and enables the encryption of all Header information when communicating with Clients or Controls that are version 11.00.0005 or later. Clients and Controls from previous versions will still be able to communicate however, communications with older versions will contain unencrypted data in the header.

    Block any remote computers not using encrypted communications
    When checked this option communication from older versions that do not support the enhanced level of encryption will be blocked. Thus any Client or Control prior to version 11.00.0005 will no longer connect to this Gateway.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References


CVSS Metrics

Group Score Vector
Base N/A N/A
Temporal N/A N/A
Environmental N/A

References

Acknowledgements

Thanks to Matthew Whitehead for reporting this vulnerability.

This document was written by Michael Orlando.

Other Information

CVE IDs: None
Severity Metric: 4.97
Date Public: 2010-11-03
Date First Published: 2010-11-03
Date Last Updated: 2010-11-03 18:17 UTC
Document Revision: 21

Sponsored by the Department of Homeland Security Office of Cybersecurity and Communications.